The vision of a secure, passwordless experience on the web has long been on the minds of security professionals and password-fatigued users. An open standard called Web Authentication (or “WebAuthn”) is rapidly progressing towards achieving that vision after hitting a major milestone this week. Specifically, on April 10 the World Wide Web Consortium (W3C) and FIDO Alliance announced the promotion of the WebAuthn spec to the “Candidate Recommendation” stage, the precursor to the final approval of a web standard. A primer on the FIDO Alliance The FIDO ("Fast IDentity Online") Alliance is an industry consortium launched in 2013 to improve the interoperability among strong authentication devices to reduce the reliance on passwords and improve security. FIDO was involved heavily in driving the new WebAuthn spec, but was also previously responsible for two specifications that aim to solve the strong authentication problem: Universal Second Factor (U2F): Initially developed.